Out-of-Bounds Read in Linux Kernel SMB2 Write Vulnerability
CVE-2023-3865
Currently unrated
What is CVE-2023-3865?
The Linux kernel's ksmbd module contains a vulnerability in its processing of SMB2 write requests. The function ksmbd_smb2_check_message fails to validate the NextCommand field correctly: when NextCommand exceeds the sum of Offset and Length in an SMB2 write operation, an oversized write length is accepted. This allows out-of-bounds reads, potentially exposing sensitive information in memory.
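A simplified user-space model of the bounds checks that the description above implies, added here as an illustration; it is not ksmbd's code or the upstream fix. The struct, enum and function names, the sample values and the 8-byte padding tolerance are assumptions of this sketch.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical, simplified view of one SMB2 WRITE inside a compound request.
 * Offsets are relative to the start of this command's SMB2 header. */
struct write_cmd {
    uint32_t next_command; /* distance to the next command, 0 if last */
    uint16_t data_offset;  /* "Offset": where the write payload starts */
    uint32_t length;       /* "Length": payload size in bytes */
};

enum verdict { CMD_OK = 0, CMD_TRUNCATED, CMD_DATA_OUT_OF_CMD, CMD_OVERSIZED };

/* remaining = bytes actually received, counted from the start of this command. */
enum verdict check_write_cmd(const struct write_cmd *c, size_t remaining)
{
    /* 64-bit sum so Offset + Length cannot wrap. */
    uint64_t data_end = (uint64_t)c->data_offset + c->length;
    /* Size this command claims: NextCommand, or the rest of the buffer if last. */
    uint64_t cmd_len = c->next_command ? c->next_command : remaining;

    if (cmd_len > remaining)
        return CMD_TRUNCATED;        /* NextCommand points past the buffer */
    if (data_end > cmd_len)
        return CMD_DATA_OUT_OF_CMD;  /* payload runs past this command */
    /* The case from the description: NextCommand larger than Offset + Length.
     * Only padding up to the next 8-byte boundary is tolerated (assumption). */
    if (c->next_command && cmd_len > ((data_end + 7) & ~(uint64_t)7))
        return CMD_OVERSIZED;
    return CMD_OK;
}

int main(void)
{
    /* Constructed sample values, not captured traffic. */
    struct write_cmd ok   = { 120, 112, 8 };    /* 112 + 8 == 120 */
    struct write_cmd big  = { 4096, 112, 8 };   /* NextCommand >> Offset + Length */
    struct write_cmd past = { 0, 112, 65536 };  /* Length beyond received bytes */
    printf("%d %d %d\n", check_write_cmd(&ok, 4096),
           check_write_cmd(&big, 4096), check_write_cmd(&past, 200));
    return 0;
}
```

A validator of this shape rejects the mismatched request before any handler trusts Length, so the write path never reads beyond the bytes that were actually received.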
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3813eee5154d6a4c5875cb4444cb2b63bac8947f
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 58a9c41064df27632e780c5a3ae3e0e4284957d1